package mwt.xml.waxdbforms.common;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import mwt.xml.waxdbforms.business.SecurityService;
import mwt.xml.waxdbforms.business.WAXDBFormsServiceFactory;
import org.securityfilter.realm.SimpleSecurityRealmBase;


public class WaxdbfRealm extends SimpleSecurityRealmBase {

    @Override
    public boolean booleanAuthenticate(String username, String password, 
            HttpServletRequest request) {

        if (username == null || username.length() == 0 ||
                password == null || password.length() == 0) {
            return false;
        }

        WAXDBFormsServiceFactory factory = WAXDBFormsServiceFactory.getInstance();
        SecurityService security = factory.getSecurityService();

        if (security.login(username, password)) {
            request.getSession().setAttribute("userGroup", "user");
            return true;
        }

        return false;
    }

    @Override
    public boolean isUserInRole(String username, String rolename, HttpServletRequest request) {
        HttpSession session = request.getSession();

        return rolename.equals(session.getAttribute("userGroup"));
    }
}
